From d548da8b5262c228f0481c1808e93d123c15a971 Mon Sep 17 00:00:00 2001
From: sarna <P.Sarna@f5.com>
Date: Thu, 10 Aug 2023 14:48:55 -0600
Subject: [PATCH] Add example for adding crl file as part of config

---
 snippets/terraform/certificates/main.tf    |  5 +++++
 snippets/terraform/certificates/nginx.conf |  1 +
 snippets/terraform/certificates/rootca.crl | 18 ++++++++++++++++++
 3 files changed, 24 insertions(+)
 create mode 100644 snippets/terraform/certificates/rootca.crl

diff --git a/snippets/terraform/certificates/main.tf b/snippets/terraform/certificates/main.tf
index dad9640..e158a71 100644
--- a/snippets/terraform/certificates/main.tf
+++ b/snippets/terraform/certificates/main.tf
@@ -150,6 +150,11 @@ resource "azurerm_nginx_configuration" "example" {
     virtual_path = "/etc/nginx/site/api.conf"
   }
 
+  config_file {
+    content      = filebase64("${path.module}/rootca.crl")
+    virtual_path = "/etc/nginx/ssl/rootca.crl"
+  }
+
   depends_on = [
     azurerm_nginx_certificate.example
   ]
diff --git a/snippets/terraform/certificates/nginx.conf b/snippets/terraform/certificates/nginx.conf
index 9aa9a04..da9d13d 100644
--- a/snippets/terraform/certificates/nginx.conf
+++ b/snippets/terraform/certificates/nginx.conf
@@ -3,6 +3,7 @@ http {
         listen 443 ssl;
         ssl_certificate /etc/nginx/ssl/test.crt;
         ssl_certificate_key /etc/nginx/ssl/test.key;
+        ssl_crl /etc/nginx/ssl/rootca.crl;
         location / {
             return 200 'Hello World';
         }
diff --git a/snippets/terraform/certificates/rootca.crl b/snippets/terraform/certificates/rootca.crl
new file mode 100644
index 0000000..2a41267
--- /dev/null
+++ b/snippets/terraform/certificates/rootca.crl
@@ -0,0 +1,18 @@
+-----BEGIN X509 CRL-----
+MIIC8DCB2QIBATANBgkqhkiG9w0BAQsFADBfMQswCQYDVQQGEwJVUzELMAkGA1UE
+CAwCQ08xEDAOBgNVBAcMB0JvdWxkZXIxCzAJBgNVBAoMAkY1MQ4wDAYDVQQLDAVO
+R0lOWDEUMBIGA1UEAwwLZXhhbXBsZS5jb20XDTIzMDgxMDIwMDc0MloXDTIzMDkw
+OTIwMDc0MlowFDASAgEBFw0yMzA4MTAyMDA3MDlaoDAwLjAfBgNVHSMEGDAWgBQ2
+ok8jradeT/E2BnwbwGVHWpAA6zALBgNVHRQEBAICEAAwDQYJKoZIhvcNAQELBQAD
+ggIBADYH/fFN2ILd8bOPwqNtOyAo3KijFsNNdaT3iTuFLHCE4lox+Bqx8PKqPqvA
+f+pOMFrYtHb1cbLjkrjLuo31QOqU/u7CuDwKyqVyZ5c+d+nh5meyL7gAX1aIRnCV
+P6KWzoeqgu/znCE8xeOFxr+PkZq54AEqERa7GosaoMc1Ri2yhisOvlVAm8BffrJD
+RLUAWqxO696awHnWFBN3tNNJlEhJZ0404ZHUXkgy3PzLtg61+BnlpsZn+uq+aFZ0
+a7WXIw7oVsadRv1kBxSDrpPNoy179fcZaSxSXXG91Gi/WwPGoKg/RtEhJqKaNjWv
+lBzefrogaoOpXO12f81tmJN/oFnyaIU+SYeQOy7QP555s4w7pHd5w4hPF7DxAV54
+JMA29ORCOQKcuC6E+4BAgJ8PjNvYgYaA0ONo8vk5R130E8YL6tkcIIZo8Z/GBObq
+c7D7tnd5jxCodVJ0gQHkOjr694lQL2S8yt/mOB1Lw53k/3/MY60OeGIqZZA5oNdF
+nU2nSCvfEqwl2rlJKFS3KqFVhjw//fYKk390fcXdzYPiaMOx+XgSz3k77kgDdG5C
+WFie/54r6e0lT62aFC604atvLv8vm40Gv4NS27hiUSgop2Z5I64bfft50qX4iRDN
+hshS/uZCqs4ghV9nKGfleITGyyZIsrqkaxe5C+Pc9RAz+VN1
+-----END X509 CRL-----